1
22
23 package com.liferay.portal.security.auth;
24
25 import com.liferay.portal.kernel.util.GetterUtil;
26 import com.liferay.portal.kernel.util.InstancePool;
27 import com.liferay.portal.kernel.util.ListUtil;
28 import com.liferay.portal.model.CompanyConstants;
29 import com.liferay.portal.util.PropsKeys;
30 import com.liferay.portal.util.PropsValues;
31
32 import java.util.ArrayList;
33 import java.util.HashMap;
34 import java.util.List;
35 import java.util.Map;
36
37
42 public class AuthPipeline {
43
44 public static int authenticateByEmailAddress(
45 String key, long companyId, String emailAddress, String password,
46 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
47 throws AuthException {
48
49 return _instance._authenticate(
50 key, companyId, emailAddress, password,
51 CompanyConstants.AUTH_TYPE_EA, headerMap, parameterMap);
52 }
53
54 public static int authenticateByScreenName(
55 String key, long companyId, String screenName, String password,
56 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
57 throws AuthException {
58
59 return _instance._authenticate(
60 key, companyId, screenName, password, CompanyConstants.AUTH_TYPE_SN,
61 headerMap, parameterMap);
62 }
63
64 public static int authenticateByUserId(
65 String key, long companyId, long userId, String password,
66 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
67 throws AuthException {
68
69 return _instance._authenticate(
70 key, companyId, String.valueOf(userId), password,
71 CompanyConstants.AUTH_TYPE_ID, headerMap, parameterMap);
72 }
73
74 public static void onFailureByEmailAddress(
75 String key, long companyId, String emailAddress,
76 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
77 throws AuthException {
78
79 _instance._onFailure(
80 key, companyId, emailAddress, CompanyConstants.AUTH_TYPE_EA,
81 headerMap, parameterMap);
82 }
83
84 public static void onFailureByScreenName(
85 String key, long companyId, String screenName,
86 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
87 throws AuthException {
88
89 _instance._onFailure(
90 key, companyId, screenName, CompanyConstants.AUTH_TYPE_SN,
91 headerMap, parameterMap);
92 }
93
94 public static void onFailureByUserId(
95 String key, long companyId, long userId,
96 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
97 throws AuthException {
98
99 _instance._onFailure(
100 key, companyId, String.valueOf(userId),
101 CompanyConstants.AUTH_TYPE_ID, headerMap, parameterMap);
102 }
103
104 public static void onMaxFailuresByEmailAddress(
105 String key, long companyId, String emailAddress,
106 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
107 throws AuthException {
108
109 onFailureByEmailAddress(
110 key, companyId, emailAddress, headerMap, parameterMap);
111 }
112
113 public static void onMaxFailuresByScreenName(
114 String key, long companyId, String screenName,
115 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
116 throws AuthException {
117
118 onFailureByScreenName(
119 key, companyId, screenName, headerMap, parameterMap);
120 }
121
122 public static void onMaxFailuresByUserId(
123 String key, long companyId, long userId,
124 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
125 throws AuthException {
126
127 onFailureByUserId(key, companyId, userId, headerMap, parameterMap);
128 }
129
130 public static void registerAuthenticator(
131 String key, Authenticator authenticator) {
132
133 _instance._registerAuthenticator(key, authenticator);
134 }
135
136 public static void registerAuthFailure(
137 String key, AuthFailure authFailure) {
138
139 _instance._registerAuthFailure(key, authFailure);
140 }
141
142 public static void unregisterAuthenticator(
143 String key, Authenticator authenticator) {
144
145 _instance._unregisterAuthenticator(key, authenticator);
146 }
147
148 public static void unregisterAuthFailure(
149 String key, AuthFailure authFailure) {
150
151 _instance._unregisterAuthFailure(key, authFailure);
152 }
153
154 private AuthPipeline() {
155
156
158 List<Authenticator> authenticators = new ArrayList<Authenticator>();
159
160 for (String authenticatorClassName : PropsValues.AUTH_PIPELINE_PRE) {
161 Authenticator authenticator = (Authenticator)InstancePool.get(
162 authenticatorClassName);
163
164 authenticators.add(authenticator);
165 }
166
167 _authenticators.put(
168 PropsKeys.AUTH_PIPELINE_PRE,
169 authenticators.toArray(new Authenticator[authenticators.size()]));
170
171
173 authenticators.clear();
174
175 for (String authenticatorClassName : PropsValues.AUTH_PIPELINE_POST) {
176 Authenticator authenticator = (Authenticator)InstancePool.get(
177 authenticatorClassName);
178
179 authenticators.add(authenticator);
180 }
181
182 _authenticators.put(
183 PropsKeys.AUTH_PIPELINE_POST,
184 authenticators.toArray(new Authenticator[authenticators.size()]));
185
186
188 List<AuthFailure> authFailures = new ArrayList<AuthFailure>();
189
190 for (String authFailureClassName : PropsValues.AUTH_FAILURE) {
191 AuthFailure authFailure = (AuthFailure)InstancePool.get(
192 authFailureClassName);
193
194 authFailures.add(authFailure);
195 }
196
197 _authFailures.put(
198 PropsKeys.AUTH_FAILURE,
199 authFailures.toArray(new AuthFailure[authFailures.size()]));
200
201
203 authFailures.clear();
204
205 for (String authFailureClassName : PropsValues.AUTH_MAX_FAILURES) {
206 AuthFailure authFailure = (AuthFailure)InstancePool.get(
207 authFailureClassName);
208
209 authFailures.add(authFailure);
210 }
211
212 _authFailures.put(
213 PropsKeys.AUTH_MAX_FAILURES,
214 authFailures.toArray(new AuthFailure[authFailures.size()]));
215 }
216
217 private int _authenticate(
218 String key, long companyId, String login, String password,
219 String authType, Map<String, String[]> headerMap,
220 Map<String, String[]> parameterMap)
221 throws AuthException {
222
223 Authenticator[] authenticators = _authenticators.get(key);
224
225 if ((authenticators == null) || (authenticators.length == 0)) {
226 return 1;
227 }
228
229 for (Authenticator authenticator : authenticators) {
230 try {
231 int authResult = Authenticator.FAILURE;
232
233 if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
234 authResult = authenticator.authenticateByEmailAddress(
235 companyId, login, password, headerMap, parameterMap);
236 }
237 else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
238 authResult = authenticator.authenticateByScreenName(
239 companyId, login, password, headerMap, parameterMap);
240 }
241 else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
242 long userId = GetterUtil.getLong(login);
243
244 authResult = authenticator.authenticateByUserId(
245 companyId, userId, password, headerMap, parameterMap);
246 }
247
248 if (authResult != Authenticator.SUCCESS) {
249 return authResult;
250 }
251 }
252 catch (AuthException ae) {
253 throw ae;
254 }
255 catch (Exception e) {
256 throw new AuthException(e);
257 }
258 }
259
260 return Authenticator.SUCCESS;
261 }
262
263 private void _onFailure(
264 String key, long companyId, String login, String authType,
265 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
266 throws AuthException {
267
268 AuthFailure[] authFailures = _authFailures.get(key);
269
270 if ((authFailures == null) || (authFailures.length == 0)) {
271 return;
272 }
273
274 for (AuthFailure authFailure : authFailures) {
275 try {
276 if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
277 authFailure.onFailureByEmailAddress(
278 companyId, login, headerMap, parameterMap);
279 }
280 else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
281 authFailure.onFailureByScreenName(
282 companyId, login, headerMap, parameterMap);
283 }
284 else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
285 long userId = GetterUtil.getLong(login);
286
287 authFailure.onFailureByUserId(
288 companyId, userId, headerMap, parameterMap);
289 }
290 }
291 catch (AuthException ae) {
292 throw ae;
293 }
294 catch (Exception e) {
295 throw new AuthException(e);
296 }
297 }
298 }
299
300 private void _registerAuthenticator(
301 String key, Authenticator authenticator) {
302
303 List<Authenticator> authenticators = ListUtil.fromArray(
304 _authenticators.get(key));
305
306 authenticators.add(authenticator);
307
308 _authenticators.put(
309 key,
310 authenticators.toArray(new Authenticator[authenticators.size()]));
311 }
312
313 private void _registerAuthFailure(String key, AuthFailure authFailure) {
314 List<AuthFailure> authFailures = ListUtil.fromArray(
315 _authFailures.get(key));
316
317 authFailures.add(authFailure);
318
319 _authFailures.put(
320 key, authFailures.toArray(new AuthFailure[authFailures.size()]));
321 }
322
323 private void _unregisterAuthenticator(
324 String key, Authenticator authenticator) {
325
326 List<Authenticator> authenticators = ListUtil.fromArray(
327 _authenticators.get(key));
328
329 if (authenticators.remove(authenticator)) {
330 _authenticators.put(
331 key,
332 authenticators.toArray(
333 new Authenticator[authenticators.size()]));
334 }
335 }
336
337 private void _unregisterAuthFailure(String key, AuthFailure authFailure) {
338 List<AuthFailure> authFailures = ListUtil.fromArray(
339 _authFailures.get(key));
340
341 if (authFailures.remove(authFailure)) {
342 _authFailures.put(
343 key,
344 authFailures.toArray(new AuthFailure[authFailures.size()]));
345 }
346 }
347
348 private static AuthPipeline _instance = new AuthPipeline();
349
350 private Map<String, Authenticator[]> _authenticators =
351 new HashMap<String, Authenticator[]>();
352 private Map<String, AuthFailure[]> _authFailures =
353 new HashMap<String, AuthFailure[]>();
354
355 }